Description: This video demonstrates how to replicate an actor known by many names (Energetic Bear, Crouching Yeti, and Dragonfly). I'll show you how to modify Beacon's C2 to look like the Havex trojan. We will also stand up a Java drive-by attack to deliver a Beacon. We'll analyze all of this with Snort and Wireshark too.
Symantec's Report:
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf
Kaspersky's Report:
http://securelist.com/files/2014/07/EB-YetiJuly2014-Public.pdf
Notes on the Havex trojan:
http://pastebin.com/qCdMwtZ6
Cobalt Strike is at http://www.advancedpentest.com/